Ask the average person what is hacking and they will almost always come back with a negative response. A response like “A person that breaks into computers to steal information” is usually what I hear. It has become so negative that it is difficult to get some people to grasp the idea of “ethical hacking.”

Originally the term hacking or a hacker was used to describe someone who took a piece of hardware and made it function differently than its original design. There was no malicious intent at all. Early hackers included well known people like Steve Wozniak of Apple computers. He belonged to a group called the “Homebrew Computer Club” which consisted of individuals that loved to take hardware and tweak it and explore what other options it might be capable of. Sometimes it was nothing more than making the lights on a board move in different patterns. All very innocent and this was the original and true term of hacking.

Later, certain individuals wanted to find other ways to connect to computers that were not in the norm. They wanted to “hack” the science of networking. After all, hacking as we describe it today is nothing more than creating a network (albeit a one sided connection) that is not in the normal accepted practice.

Unfortunately it often bypasses authentication so it did allow the ability to connect without prior consent. This opened the door for much abuse and as humans we usually talk more about negatives than positives, so the term hacking is now considered something bad. Very similar to the word stink. Stink was originally used in old English meaning a smell or aroma. Due to most people only commenting on the negative, the word stink now refers to the worst smells. The word smell is quickly following the same path.

For me, I like the term hacker. I like the idea of exploring different ways of doing things that are outside of the normal practice. I am proud to be a hacker and I like that we are attempting to bring that term back to a positive connotation with the idea of Ethical Hacking.

I have to disagree, hacking has come to mean all of those things. We use tools I have writen myself and I use tools other have written. If it were not for black hats and all the things they do there would be no grey^H^H^H^H ethical hackers.

The existence of ethical hackers implies that there are unethical ones. I do stand by your rant nonetheless, hacking is more than running skiddie tools, boasting and whatever being way behind the curve in security research. You want to stand with us, then hand in your homework, take a number and get in line

I see hackers in 2 groups. The innovators and the ones that just copy what others have done. Both are doing hacking. If I use the analogy of a hardware hack, say my Tivo for instance, if I invent the best way to alter and change it to do something different, that’s an inventive hack. On the other hand, if I follow the instructions from another hacker on how to change it to what I want, I still see that as a “hack.” Perhaps not innovative because I didn’t invent the idea, but it took some skill to do it correctly and I did make some changes. That is, if we use the definition that hacking is altering the way it functioned from the factory preset. I have great admiration for the innovators, but I also respect those that can understand and implement successfully what those extremely creative ones have discovered.

Kev wrote: I see hackers in 2 groups. The innovators and the ones that just copy what others have done.

That's true for most things in life and hacking is no exception. Authors can write an novel and informative white paper or a regurgitated collection of other peoples work.

It goes for the kudos gained by all the good people working in IT sec. The unnovators (script kiddies) will only get recognition for the consquences of their hacks so they big that up. The innovators will get praise for their contribution to the field. In many cases both camps are motivated by the same drives, which often boils down to ego. I don't mean that in a bad way, if you do good work you deserve to have your head swell a bit. Take pride in your work and you'll elevate above the level of the common sploiter.

While I'm dumping my opinions to the board I'll stir things up a bit with a defence of never writing your own tools. It's possible to have a lot of well deserved success just running other people's tools. The skill of knowing the correct tool of the job and how to best leverage it in a engagement are often underrated. Hands up how many of you have enough knowledge to write a tool like yersinia? Not many? No shame in that, and why would you try to reinvent the wheel? If you understand how it works and how you can use it that's an important skill right there.

I would respectfully disagree with notion that learning to use other people's tools qualifies a person as a "hacker". Learning to use security/hacking tools like one of the criteria of the CEH, is nothing more then demonstrating some technical savvy and understanding at various levels. I only consider "innovators" to be true hackers. Coming out with something new is hacking. Making something do something that it was not designed to do is hacking. Doing what thousands have done before is not hacking IMO and thats what many white/greyhats don't understand. Thats not badmouthing security professionals or enthusiasts who don't write their own tools or publish new ideas, because I do not consider myself a true hacker in any sort of way. Far from it. Being well versed in tools and knowing how to pen test a system is not hacking. Maybe I'm to idealic, I only reserve the term hacker for "innovators". Also, it doesn't help things when the media label's script kiddies or crackers as hackers in their stories. It only distorts the meaning.

I don't want to downplay anyones idea of what a hacker is, but I think a distinction needs to be clarified here. All the posts so far are drawing contrasts between 'innovators' and people that use the innovators tools/exploits. This implies that innovators are those who create their own tools/exploits. Personally, I think hackerishness represents an intuition and a mindframe more than a measure of skill. There used to be a usenet group full of hackers, the only rule was that before asking a question, you had to post a hack. Every post started with a story about something hackerish, anything from reverse engineering an application to some weird networking trickery, to resoldering components to a board with a curling iron and a safety pin.

The hackerish innovators of the world aren't all writing tools... some are finding great ways to use them.

I think the reality is that just about everyone on this forum has their personal idea of what we should define a hacker or “true” hacker. Interestingly, I would say everyone so far that has posted has a valid point. That’s probably why it makes it hard to really define the term hacker.

The sad reality is if today I decided to go online and breach the security of my bank and I was caught, the press and the public would all unanimously label me a hacker regardless of my skill! That point I am sure we would all agree on.

In my understanding a hacker is someone who modifies something already existing (a software, hardware or whatever) to achieve a certain goal that could not be achieved without that modification.

Related to software such a modification can consist of just adding or changing a few lines of code to change the intended behavior or correct an obvious error of a software but also let's say replacing the operating system of a device (for instance I would call replacing the OS of a Linksys WRT-54 by OpenWRT a hack).

On the other hand I would not call it a hack to write some code to exploit a vulnerability, that's just coding

Most of the time if somebody mentiones "Hacking" that equals "doing something related to security" (if done by a BlackHat it's breaking in, if done by a WhiteHat it's pentesting) for a lot of people.

In my opinion doing a hack can be related to security but not everything one can do in relation to security is hacking.

pcsneaker wrote:In my understanding a hacker is someone who modifies something already existing (a software, hardware or whatever) to achieve a certain goal that could not be achieved without that modification.

I'd pretty much agree with that definition, since it covers hacking most everything from computers to toasters. There are several definitions of hacking depending on the context. I'm sure there are plenty of ham radio operators who regularly 'hack' their rigs to change some parameter or another.

Hacking I suppose is an intelectual pursuit. Some people copy, some innovate but what makes a hacker a hacker is the willingness to learn and reapply that knowledge.